Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
X-Pingback | https://www.hamburgersnheroin.com/wp/xmlrpc.php |
Content-Encoding | gzip |
Cache-Control | public, max-age=2592000 |
Access-Control-Allow-Origin | * |
Access-Control-Allow-Credentials | true |
Age | 0 |
X-Cache | MISS |
X-Cache-Hits | 0 |
X-Served-By | chameleon |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com widgets.cryptocompare.com min-api.cryptocompare.com *.ampproject.org platform.instagram.com graph.facebook.com ssl.google-analytics.com assets.zendesk.com www.google.com *.twimg.com www.gstatic.com script.hotjar.com www.google-analytics.com www.bloglovin.com connect.facebook.net cdn.jsdelivr.net pagead2.googlesyndication.com widget.bloglovin.com static.hotjar.com platform.twitter.com maps.googleapis.com; img-src 'self' www.hamburgersnheroin.com maps.googleapis.com maps.gstatic.com azarius.net www.cryptocompare.com *.wp.com *.gravatar.com *.ampproject.org *.cdninstagram.com *.facebook.com *.twimg.com www.google-analytics.com stats.g.doubleclick.net *.medium.com *.twitter.com ssl.google-analytics.com csi.gstatic.com *.zendesk.com; style-src 'self' 'unsafe-inline' *.twitter.com *.ampproject.org *.googleapis.com assets.zendesk.com; font-src 'self' themes.googleusercontent.com fonts.gstatic.com fonts.googleapis.com; frame-src *.soundcloud.com *.spotify.com *.vimeo.com *.ampproject.org www.instagram.com www.youtube.com www.google.com assets.zendesk.com googleads.g.doubleclick.net www.facebook.com s-static.ak.facebook.com www.bloglovin.com syndication.twitter.com staticxx.facebook.com platform.twitter.com vars.hotjar.com tautt.zendesk.com; connect-src www.hamburgersnheroin.com graph.facebook.com graylog.hotjar.com insights.hotjar.com; object-src pagead2.googlesyndication.com |
Accept-Ranges | bytes |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |